A multi-theoretical perspective on conceptualization and contextualization of IS security behavior
Abstract
The Internet has connected almost everything in our daily life, making information systems security (ISec) an important issue not only to organizations but also to personal users. Despite the increasing number of users of Internet-connected IT, there is insufficient research into how users make their ISec-related decisions (i.e., the cognitive appraisals), their decision-making process under the influence of emotion (i.e., the emotional motivation), user characteristics (e.g., user involvement, years of use), or whether they have enough ISec knowledge to make the right decision to secure their information and computing environment (i.e., the knowledge level).
This dissertation contributes to bridging these research gaps by focusing on three studies that explore the security-related decision-making process among personal users. By using novel theoretical perspectives and revisiting some of the “old” theoretical assumptions, we offer insights of value to both academics and practitioners. Three studies are tested and reported that provide insights into the cognitive appraisals, emotional motivation, user characteristics, and ISec knowledge of personal users’ decision-making process regarding security-related behavior.
By considering additional theories and constructs and revisiting the theoretical and methodology perspectives, this dissertation provides several contributions to behavioral ISec studies. The results of the empirical study provide new insights into the cognitive mediation process, the decision-making process under the influence of defensive avoidance, and personal users’ self-regulated ability to protect their personal computing devices.
Keywords: cognitive mediation, defensive avoidance, information security knowledge, threat appeals, boundary condition, conceptualization, instrument development
Main Author
Format
Theses
Doctoral thesis
Published
2022
Series
ISBN
978-951-39-9317-7
Publisher
Jyväskylän yliopisto
The permanent address of the publication
https://urn.fi/URN:ISBN:978-951-39-9317-7Use this for linking
ISSN
2489-9003
Language
English
Published in
JYU Dissertations
Contains publications
- Artikkeli I: Xie, Y., Siponen, M., Moody, G., & Zheng, X. The cognitive mediation process in threat-based theories in IS security. Major revision in Computers & Security.
- Artikkeli II: Xie, Y., Siponen, M., Moody, G., & Zheng, X. (2022). Discovering the Interplay between Defensive Avoidance and Continued Use Intention of Anti-malware Software among Experienced Home Users : A Moderated Mediation Model. Information and Management, 59(2), Article 103586. DOI: 10.1016/j.im.2021.103586
- Artikkeli III: Xie, Y., & Siponen, M. Declarative and procedural information security knowledge of the general public: Conceptualization and instrument development. Unpublished Manuscript.
Copyright© The Author & University of Jyväskylä